Withdrawn: 8277474: jarsigner does not check if algorithm parameters are disabled

On Tue, 22 Feb 2022 20:18:19 GMT, Hai-May Chao wrote: > This fixes jarsigner to enforce checking against algorithm constraint > properties so when the signature algorithms parameters use disabled or legacy > algorithms, it will emit warnings accordingly. If the algorithm used in >

RFR: 8277474: jarsigner does not check if algorithm parameters are disabled

This fixes jarsigner to enforce checking against algorithm constraint properties so when the signature algorithms parameters use disabled or legacy algorithms, it will emit warnings accordingly. If the algorithm used in parameters is disabled, jarsigner treats the jar as unsigned. -

RFR: 8272163: Add -version option to keytool and jarsigner

It'd be useful to have a -version option for keytool and jarsigner. Many other JDK tools already have a -version option. This is to add -version option to keytool and jarsigner like jar command does. - Commit messages: - 8272163: Add -version option to keytool and jarsigner Change

RFR: 8266225: jarsigner is using incorrect security property to show weakness of certs

Please review the change to jarsigner so it uses certpath security property in order to properly display the weakness of the certificate algorithms. - Commit messages: - 8266225:jarsigner is using incorrect security property to show weakness of certs Changes: https://git.openjdk.j

RFR: 8259401: Add checking to jarsigner to warn weak algorithms used in si…

The jarsigner tool currently provides warning associated with the signer’s cert when it uses weak algorithms, but not for the CA certs. This change is to process the signer’s cert chain to warn if CA certs use weak algorithms. - Commit messages: - 8259401: Add checking to jarsigner

Integrated: 8253299: Manifest bytes are read twice when verifying a signed JAR

On Wed, 18 Nov 2020 21:59:01 GMT, Hai-May Chao wrote: > Small change to retrieve the raw bytes of manifest during verifying signed > JAR. This pull request has now been integrated. Changeset: 9bb82232 Author: Hai-May Chao Committer: Lance Andersen URL: https://git.openjdk.ja

Re: RFR: 8253299: Manifest bytes are read twice when verifying a signed JAR

On Thu, 19 Nov 2020 17:13:00 GMT, Lance Andersen wrote: >> Small change to retrieve the raw bytes of manifest during verifying signed >> JAR. > > Marked as reviewed by lancea (Reviewer). Thank you all for the review. I added the noreg-trivial label to the bug. - PR: https://git.op

Re: RFR: 8253299: Manifest bytes are read twice when verifying a signed JAR

On Thu, 19 Nov 2020 17:20:58 GMT, Hai-May Chao wrote: >> Marked as reviewed by lancea (Reviewer). > > Thank you all for the review. I added the noreg-trivial label to the bug. Lance, I've entered /integrate. Thank you for sponsoring this! - PR: https://git.ope

RFR: 8253299: Manifest bytes are read twice when verifying a signed JAR

Small change to retrieve the raw bytes of manifest during verifying signed JAR. - Commit messages: - 8253299: Manifest bytes are read twice when verifying a signed JAR Changes: https://git.openjdk.java.net/jdk/pull/1299/files Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=12

Re: RFR: 8250968: Symlinks attributes not preserved when using jarsigner on zip files

JarSigner.java #953: The output debug message can be removed from the code. JavaUtilZipFileAccess.java #44: Change posixPerms to extraAttrs. ZipFile.java #661: Suggest to keep the comment and update it with the additional 4 bits for symlink. The rest of code changes and CSR look good. Thanks, Ha